Typhon is a macOS specific payload aimed at targetting Jamf managed devices.

Related tags

Networkingtyphon
Overview

Typhon Logo

Typhon

Typhon is a macOS specific payload aimed at targetting Jamf managed devices. This payload can be used to manipulate macOS devices into communicating with a Mythic instance, which acts as a Jamf server with the ability to execute commands.

Talks & Publications

Installation

To install typhon, you'll need Mythic installed on a remote computer. You can find installation instructions for Mythic at the Mythic project page.

From the Mythic install root, run the command:

./mythic-cli install github https://github.com/MythicAgents/typhon.git

Once installed, restart Mythic to build a new agent.

Notable Features

The typhon agent utilises functionality provided by the Jamf binary. As such no additional code needs to be introduced to the compromised device for this agent to operate.

The client-side Jamf agent contains a variety of functionality that may be utilised by this Mythic payload/profile, however the main focus of the initial release is providing code execution through the agent itself. Any additional feature requests are welcomed.

Commands Manual Quick Reference

The agent currently employs three commands that imitate standard Jamf policy instructions.

Commands

Command Syntax Description
add_user add_user Add a standard or administrative user to the device.
delete_user delete_user Deletes a user account on the device.
execute_command execute_command Executes a bash command on the target device with root privileges.
Owner
Mythic Agents
A centralized area for installable Mythic Agents based on https://github.com/its-a-feature/Mythic_External_Agent
Mythic Agents
Wifi-Jamming is a simple, yet highly effective method of causing a DoS on a wireless implemented using python pyqt5.

pyqt5-linux-wifi-jamming-tool Linux-Wifi-Jamming is a simple GUI tool, yet highly effective method of causing a DoS on a wireless implemented using py

lafesa 8 Dec 05, 2022
SMS Based Headless Browsing

Browse the internet without a network connection - Submission for ConUHacks VI

Zafir Khalid 2 Feb 07, 2022
Ov3 - Easy common OpenVPN3 operations

ov3 Easy common OpenVPN3 operations Install ov3 requires Python3 and OpenVPN3 to

Yunus Bora Erciyas 6 Apr 25, 2022
Build custom OSINT tools and APIs (Ping, Traceroute, Scans, Archives, DNS, Scrape, Whois, Metadata & built-in database for more info) with this python package

Build custom OSINT tools and APIs with this python package - It includes different OSINT modules (Ping, Traceroute, Scans, Archives, DNS, Scrape, Whoi

QeeqBox 52 Jan 06, 2023
Lets you remove all friends, leave GCs, and leave servers, in an instant!

anonymity Lets you remove all friends, leave GCs, and leave servers, in an instant! You can also do each of them by themselves. First, you need to get

1 Dec 07, 2021
A pure-Python KSUID implementation

Svix - Webhooks as a service Svix-KSUID This library is inspired by Segment's KSUID implementation: https://github.com/segmentio/ksuid What is a ksuid

Svix 83 Dec 16, 2022
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more

FullHunt 3.2k Jan 02, 2023
Autopen is a very modular tool that automates the execution of scans during a penetration test.

Autopen Autopen is a very modular tool that automates the execution of scans during a penetration test. A Nmap scan result in the form of an XML file

2 Dec 22, 2021
Connection package to a raspberry or any other machine using ssh, it simplifies the deployment scripts and monitoring.

Connection package to a raspberry or any other machine using ssh, it simplifies the deployment scripts and monitoring.

Dashstrom 7 Mar 29, 2022
MoreIP 一款基于Python的面向 MacOS/Linux 用户用于查询IP/域名信息的日常渗透小工具

MoreIP 一款基于Python的面向 MacOS/Linux 用户用于查询IP/域名信息的日常渗透小工具

xq17 9 Sep 21, 2022
Discord RPC Generator With Python

Discord-RPC-Generator Thank you for using this Discord Custom RP Generator. This is 100% safe and open source. Download Discord for your computer here

1 Nov 09, 2021
Docker container for demoing Wi-Fi calling stack.

VoWiFiLocalDemo - Docker container that runs StrongSwan and Kamailio to demonstrate how Wi-Fi calling works on smartphones.

18 Nov 12, 2022
Mass querying whois records using whois tool

Mass querying whois records using whois tool

Mohamed Elbadry 24 Nov 10, 2022
Ultimate transformation library that supports validation, contexts and aiohttp.

Trafaret Ultimate transformation library that supports validation, contexts and aiohttp. Trafaret is rigid and powerful lib to work with foreign data,

Mikhail Krivushin 174 Nov 27, 2022
pfSense integration with Home Assistant

hass-pfsense Join pfSense with home-assistant! hass-pfsense uses the built-in xmlrpc service of pfSense for all interactions. No special plugins or so

Travis Glenn Hansen 105 Dec 24, 2022
A simple and lightweight server that allows clients to connect and launch a shell remotely through a browser.

carrotsh A simple and lightweight server that allows clients to connect and launch a shell remotely through a browser. Uses xterm.js for the frontend

V9 31 Dec 27, 2022
Find information about an IP address, such as its location, ISP, hostname, region, country, and city.

Find information about an IP address, such as its location, ISP, hostname, region, country, and city. An IP address can be traced, tracked, and located.

Sachit Yadav 2 Jul 09, 2022
Easy-to-setup bot, ChatOps project for handling telegram chat logging over docker-compose services, being runned as one of them.

Easy-to-setup bot, ChatOps project for handling telegram chat logging over docker-compose services, being runned as one of them.

Rashid 7 Aug 08, 2022
Throttle rTorrent on Plex stream Start/Stop

Dependencies Python 3.6+ Tautulli Script Setup Edit rtorrent_throttle.py and set rTorrent username, password and RPC2 url. Tautulli Setup Commum Scrip

4 Apr 25, 2022
Official ProtonVPN Linux app

ProtonVPN Linux App Copyright (c) 2021 Proton Technologies AG This repository holds the ProtonVPN Linux App. For licensing information see COPYING. Fo

ProtonVPN 288 Jan 01, 2023